The Firefox browser has an estimated 2.54 percent marketshare, barely edging out also-rans like the Samsung Internet or Opera browsers. Still, Firefox continues to survive, largely because of its emphasis on privacy and security, which appeals especially to Linux users.

If you are looking for more in a browser, you should consider LibreWolf, a Firefox fork that takes privacy and security to even greater levels, with documentation that allows users to make intelligent choices and customize their browser security exactly as they choose (Figure 1). LibreWolf is just starting to appear in distributions, but it maintains current packages for Windows, macOS, and Linux, as well as for half a dozen distributions, including Arch Linux, Debian, Fedora, Gentoo, and openSUSE.

Figure 1: LibreWolf is a security-oriented fork of Firefox.

While LibreWolf has some limitations and perhaps requires some changes in user habits, it has far fewer restrictions than many security and privacy solutions. LibreWolf offers increased protection against tracking and fingerprinting techniques thanks to easy-to-find privacy and security-conscious settings and patches. Furthermore, it removes telemetry and data collection, while disabling features like Digital Rights Management (DRM), crash reports, the password manager, and Pocket article recommendations. Finally, LibreWolf promises “No data collection of any kind,” adding “we wouldn’t even have the infrastructure to do that, making it impossible from a technical standpoint.”

Feature Categories

LibreWolf divides its features on the project’s documentation page into categories: Annoyances, Security, Privacy, and Other. Annoyances are features that do not affect security or privacy, but whose removal improves the user experience. For instance, LibreWolf prevents scripts from resizing windows and disables all search suggestions and ads, including those for Mozilla VPN. Other removed annoyances are ones that many security-conscious users turn off automatically, such as the autoplay of media and extension recommendations. Purging recommendations also seems to remove bloat, because LibreWolf is noticeably faster than Firefox. LibreWolf certainly removes unnecessary features.

In terms of security features, LibreWolf, like most free software, relies on regular updates from upstream to patch known vulnerabilities. It also implements common sense practices such as using only secure HTTPS mode and always requiring users to choose where to save downloaded files. To these settings, it adds its own security practices, such as disabling scripting in the PDF reader, adding stricter negotiation rules for TLS/SS, and an optional firewall for extensions.

To address privacy concerns, LibreWolf disables other Firefox features, including the search and form history, autofill, and disk cache. The only extension installed is uBlock Origin (Figure 2), whose extensive options include the blocking of trackers and ads separately for each site, as well summaries of its own activities (Figure 3). Another surprisingly simple yet obviously effective feature is the stripping of tracking elements from addresses.

Figure 2: uBlock Origin blocks not only ads but a wide variety of contents that might leave a system vulnerable or simply be annoying on a site-by-site basis.

Figure 3: uBlock Origin provides a summary of its general activity on LibreWolf’s homepage.

While the documentation page is little more than an item list, the Settings page clearly identifies features specific to LibreWolf (Figure 4), with the ability to enable disabled features often only a few clicks away. If more information is needed, more detail can be quickly found through an online search.

Figure 4: The LibreWolf-specific settings.

Compatibility with other Privacy and Security Solutions

If LibreWolf interests you, you may already use other privacy and security solutions. LibreWolf’s documentation includes notes about its compatibility with several of the most common solutions. It explains issues, but leaves users to decide what to do.

Concerning using LibreWolf with Tor, the documentation says, “Please don’t.” It goes on to explain that the Tor Network’s ability to give complete anonymity might be compromised if used with another browser, even LibreWolf. To do so would make you stand out. Note, though, that, like Mozilla, LibreWolf does borrow Resist Fingerprinting from the Tor Uplift Project (i.e., to confine cookies to their site of origin and to prevent cookies from tracking the sites your browser opens).

LibreWolf disables Google’s Safe Browsing because of a preference to avoid relying on a large corporation like Google and the fact that this solution requires a Google account. However, the LibreWolf documentation adds that “Safe Browsing is still a good security tool and Mozilla’s implementation is privacy respecting: For this reason those who are interested in the extra security, and in particular less technical users, can and should safely enable it.”

DNS over HTTPS (DoH), which resolves domain names over the HTTPS protocol, is disabled in LibreWolf on the grounds that using it is a trade-off between a major vulnerability and security against insecure networks logging your DNS traffic. However, the LibreWolf documentation does include instructions to enable DoH.

A Foundation for Security

Used immediately after installation, LibreWolf may draw mixed reactions. Superficially, it could be called a streamlined Firefox, being notably faster and stripped of tools like Pocket and Firefox’s curated links, which you may never miss. However, LibreWolf initially may seem, like many privacy and security applications, an annoying reduction of convenience. The disabling of the automatic use of the password manager can be particularly annoying, because it is a feature that is easy to take for granted.

The best way to regard LibreWolf is as a framework from which to develop your own security and privacy implementation. By starting with potentially vulnerable features turned off, LibreWolf lets you know the exact state of your system. Rather than simply presenting users with its own ideal model, LibreWolf documents its choices with forthright language, even explaining how to enable what it turns off as well as the trade-offs if you choose to do so.

It takes time and research to customize LibreWolf, but when you are finished, you will have a leaner, more efficient browser. As an added benefit, you will know the exact state of your system’s security and will have learned enough about the issues involved to keep it that way. All that makes the sacrifice of a little inconvenience worthwhile.